1SSL_CTX_SET_INFO_CALLBACK(3)        OpenSSL       SSL_CTX_SET_INFO_CALLBACK(3)
2
3
4

NAME

6       SSL_CTX_set_info_callback, SSL_CTX_get_info_callback,
7       SSL_set_info_callback, SSL_get_info_callback - handle information
8       callback for SSL connections
9

SYNOPSIS

11        #include <openssl/ssl.h>
12
13        void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*callback)());
14        void (*SSL_CTX_get_info_callback(const SSL_CTX *ctx))();
15
16        void SSL_set_info_callback(SSL *ssl, void (*callback)());
17        void (*SSL_get_info_callback(const SSL *ssl))();
18

DESCRIPTION

20       SSL_CTX_set_info_callback() sets the callback function, that can be
21       used to obtain state information for SSL objects created from ctx
22       during connection setup and use. The setting for ctx is overridden from
23       the setting for a specific SSL object, if specified.  When callback is
24       NULL, no callback function is used.
25
26       SSL_set_info_callback() sets the callback function, that can be used to
27       obtain state information for ssl during connection setup and use.  When
28       callback is NULL, the callback setting currently valid for ctx is used.
29
30       SSL_CTX_get_info_callback() returns a pointer to the currently set
31       information callback function for ctx.
32
33       SSL_get_info_callback() returns a pointer to the currently set
34       information callback function for ssl.
35

NOTES

37       When setting up a connection and during use, it is possible to obtain
38       state information from the SSL/TLS engine. When set, an information
39       callback function is called whenever a significant event occurs such
40       as: the state changes, an alert appears, or an error occurs.
41
42       The callback function is called as callback(SSL *ssl, int where, int
43       ret).  The where argument specifies information about where (in which
44       context) the callback function was called. If ret is 0, an error
45       condition occurred.  If an alert is handled, SSL_CB_ALERT is set and
46       ret specifies the alert information.
47
48       where is a bitmask made up of the following bits:
49
50       SSL_CB_LOOP
51           Callback has been called to indicate state change or some other
52           significant state machine event. This may mean that the callback
53           gets invoked more than once per state in some situations.
54
55       SSL_CB_EXIT
56           Callback has been called to indicate exit of a handshake function.
57           This will happen after the end of a handshake, but may happen at
58           other times too such as on error or when IO might otherwise block
59           and non-blocking is being used.
60
61       SSL_CB_READ
62           Callback has been called during read operation.
63
64       SSL_CB_WRITE
65           Callback has been called during write operation.
66
67       SSL_CB_ALERT
68           Callback has been called due to an alert being sent or received.
69
70       SSL_CB_READ_ALERT               (SSL_CB_ALERT|SSL_CB_READ)
71       SSL_CB_WRITE_ALERT              (SSL_CB_ALERT|SSL_CB_WRITE)
72       SSL_CB_ACCEPT_LOOP              (SSL_ST_ACCEPT|SSL_CB_LOOP)
73       SSL_CB_ACCEPT_EXIT              (SSL_ST_ACCEPT|SSL_CB_EXIT)
74       SSL_CB_CONNECT_LOOP             (SSL_ST_CONNECT|SSL_CB_LOOP)
75       SSL_CB_CONNECT_EXIT             (SSL_ST_CONNECT|SSL_CB_EXIT)
76       SSL_CB_HANDSHAKE_START
77           Callback has been called because a new handshake is started. In
78           TLSv1.3 this is also used for the start of post-handshake message
79           exchanges such as for the exchange of session tickets, or for key
80           updates. It also occurs when resuming a handshake following a pause
81           to handle early data.
82
83       SSL_CB_HANDSHAKE_DONE           0x20
84           Callback has been called because a handshake is finished. In
85           TLSv1.3 this is also used at the end of an exchange of post-
86           handshake messages such as for session tickets or key updates. It
87           also occurs if the handshake is paused to allow the exchange of
88           early data.
89
90       The current state information can be obtained using the
91       SSL_state_string(3) family of functions.
92
93       The ret information can be evaluated using the SSL_alert_type_string(3)
94       family of functions.
95

RETURN VALUES

97       SSL_set_info_callback() does not provide diagnostic information.
98
99       SSL_get_info_callback() returns the current setting.
100

EXAMPLES

102       The following example callback function prints state strings,
103       information about alerts being handled and error messages to the
104       bio_err BIO.
105
106        void apps_ssl_info_callback(SSL *s, int where, int ret)
107        {
108            const char *str;
109            int w = where & ~SSL_ST_MASK;
110
111            if (w & SSL_ST_CONNECT)
112                str = "SSL_connect";
113            else if (w & SSL_ST_ACCEPT)
114                str = "SSL_accept";
115            else
116                str = "undefined";
117
118            if (where & SSL_CB_LOOP) {
119                BIO_printf(bio_err, "%s:%s\n", str, SSL_state_string_long(s));
120            } else if (where & SSL_CB_ALERT) {
121                str = (where & SSL_CB_READ) ? "read" : "write";
122                BIO_printf(bio_err, "SSL3 alert %s:%s:%s\n", str,
123                           SSL_alert_type_string_long(ret),
124                           SSL_alert_desc_string_long(ret));
125            } else if (where & SSL_CB_EXIT) {
126                if (ret == 0) {
127                    BIO_printf(bio_err, "%s:failed in %s\n",
128                               str, SSL_state_string_long(s));
129                } else if (ret < 0) {
130                    BIO_printf(bio_err, "%s:error in %s\n",
131                               str, SSL_state_string_long(s));
132                }
133            }
134        }
135

SEE ALSO

137       ssl(7), SSL_state_string(3), SSL_alert_type_string(3)
138
140       Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.
141
142       Licensed under the OpenSSL license (the "License").  You may not use
143       this file except in compliance with the License.  You can obtain a copy
144       in the file LICENSE in the source distribution or at
145       <https://www.openssl.org/source/license.html>.
146
147
148
1491.1.1                             2018-09-11      SSL_CTX_SET_INFO_CALLBACK(3)
Impressum